Avast! Self Destructs

Users of the Avast! anti virus had quite and adventure last night. I noticed the problem myself a little after 10pm when Avast suddenly popped up as it does once in a while to inform me that it’s found a virus. Now normally it’s either a file attached to an email that I”m scanning before I decide whether or not to open it or it’s just something that Firefox saved in it’s cache which is easily solved by clearing the cache.

This time was different. In the space of five minutes Avast reported no less than five items found infected and recommended a boot time scan. I went ahead and scheduled it. The red flag came when it found over 30 items infected and moved them to the virus chest within the first 5% of the scan. I smelled a rat and stopped the scan, rebooted, disabled Avast! and started looking online for information.

While I was looking up the Win32:Delf-MZG and Win32:ZBOT-mkk, I found this thread on DSLReorts that was swamped with people reporting the same kind of thing. As it turns out, this was caused by a buggy update that suddenly had Avast finding false positives all over the place.

Within a couple hours of it happening Avast’s people had a new update out that fixed the problem however today there’s quite a number of people reaching for their online backup files, drive images, and install disks to repair the damage caused because they had Avast! set to delete suspect files instead of simply moving them to the virus chest.

This is a prime example of why I always make it a habit to prevent any A/V from outright deleting stuff. I’d rather have it moved somewhere that it can be recovered from if the infection turns out to be a false positive.

When it’s all said and done I’m still going to stick with Avast! because in spite of this admittedly monstrous glitch, it’s currently the best free A/V out there.

Oh, and by the way, somebody ventured to guess that this was some kind of conspiracy to get people to move to the PRO version but that isn’t so. The PRO version was affected the same as the free version.

[Tags]avast, anti virus,update, false positive, bad update[/tags]

Vista Freezing Up

With the recent resurrection of my laptop’s hard drive from the electronic dead, things have been working well… until recently that is. In the last two weeks it’s developed a very annoying problem where it will, for no apparent reason that I can determine, freeze up.

Everything is going fine and then all of a sudden I’m looking at the now hated spinning busy cursor and nothing responds. I’ve done all the normal diagnostics, registry cleaning, malware scans, disk scans and even booted Kubuntu from a flash drive (by the way, Kubuntu doesn’t exhibit the problem at all) but have not come up with any reason for it.

Needless to say this makes using the machine problematic at best, especially if I’m trying to watch a movie. Stopping at unpredictable intervals for anywhere from 10 seconds to 10 minutes kinda breaks continuity something fierce.

[Tags]laptop problem, vista problem, freezing up, computer lockup[/tags]

How To Tell At A Glance If You’re Infected With Cornflicker

Now that the Cornflicker worm has switched itself on and started doing more than just updating itself, it’s more important than ever to be sure that your machine isn’t infected. Recently I ran into a great way to test any computer with an internet connection and a web browser.

Because cornflicker blocks access to a large number of anti-virus and security websites the “Cornflicker Eye Chart” makes a great quick test. All you need to do is load the page and see if all of the remote images from three A/V and security websites that cornflicker is known to block. If all of the images load, then you’re probably not infected. If they don’t load then you could have a problem.

[Tags]cornflicker, cornflicker worm, cornflicker virus, cornflicker eye chart, detect cornflicker, test for cornflicker, cornflicker test[/tags]

CNN Shares With Your Bandwidth

Are you one of the millions of people who watched the live video stream on CNN’s website of Obama’s inauguration on Jan. 20? If you are, then it’s very likely that your computer and your bandwidth was probably used without your direct knowledge to send that video to other people who were watching it.

Are you one of the millions of people who watched the live video stream on CNN’s website of Obama’s inauguration on Jan. 20? If you are, then it’s very likely that your computer and your bandwidth was probably used without your direct knowledge to send that video to other people who were watching it.

According to a story on Windows Secrets, CNN has started using a P2P app called “Octoshape Grid Delivery”. Apparently, the first time you try to watch a live video feed the flash player informs you that the Octoshape Grid Delivery add on for Adobe’s flash player is required in order to get the feed.

octoshape install

The truth of the matter is that you don’t need Octoshape to watch those feeds. On the lower right corner of the playback window are links for using the normal Adobe flash player or Windows Media Player to watch the feed. They’re just saying it’s “required” because they want as many people as possible to get with the Octoshape program.

Essentially CNN end up using your bandwidth for it’s purposes (without paying you for it I might add!). As you might expect, this plays havoc with your available bandwidth. Octoshape grabs any where from 320 to as much as 600 kilobits per second of your upstream bandwidth. This can make a major dent in your total available bandwidth and I don’t doubt that it’d slow a lot of other connections down in the process.

This is bad enough for a single user setup but then there’s the growing number of people that are connecting two or more computers to their router. On one machine somebody’s looking over some websites for ideas for their next Orlando vacations and then on another machine using the same connection somebody starts watching one of those Octoshape aware CNN things and the 1st person suddenly might think about taking a vacation or at least a nap while their pages load.

What’s really sneaky about it is that the fact that it’s going to take over a big chunk of your pc’s resources and internet bandwidth isn’t made clear up front. Instead it’s written in legalese and hidden in the license agreement (you know, the one’s that hardly anyone reads on account of how convoluted they are.) and you don’t get to see it until after you have to click yes or no to install it.

There’s a lot more on the Windows Secrets site and it’s very much well worth reading. Suffice it to say that in MY opinion, if you get a dialog box asking if you want to install Octoshape, Click NO just as fast as you can.

[tags]octoshape grid delivery, octoshape flash, flash add on, cnn, p2p, evil p2p, deceptive license, bandwidth, bandwidth hog, just say no[/tags]

Big Brother, Thy Name Is Google

Google’s got this new toy that they’ve added to Google Maps called “Latitude”. It’s a feature that allows you to track people’s location in real time.

Google’s got this new toy that they’ve added to Google Maps called “Latitude”. It’s a feature that allows you to track people’s location in real time.

You sign up for it and then send an invitation to the phones of people you want to keep track of, if they accept, then their position (or more accurately, the position of their phone) is displayed on a map. Google is playing it as a “social flavor” of Google maps, almost like a kind of twitter for maps sorta thing that’s supposed to “make it more fun”.

It makes use of cell phone tower information, GPS location data or a Wi-Fi connection to decide where the phone is.

In addition to the “more fun” aspect, there’s the whole “parent’s keeping track of kids” angle as well. I can see where that’s going though, kid says to friend, “dude, I gotta go to that party, will you take my phone home with you tonight and stash it where I can pick it up when it’s over?”

This leads to obvious ways to avoid scenes like that. Such as a parent gets a phone, sends the invite to it, accepts the invite and then sets all the options so that the phone won’t give away the fact that it’s now a stool pigeon and then gives it to the kid without saying anything about the tracking thing.

How about companies doing something very much like that and giving “free” phones to employees, calling them promotional items or performance bonuses or something?

All that aside, the biggest problem with it is the privacy aspect. This gives Google the ability to track people’s movements, information that can be added to their archiving and profiling of everything and everybody. Naturally Google is “promising” that they’re not going to retain any of this information and that only the last location the tracking service picks up will be kept.

Yeah. Right. I’m SO sure of that.

Personally, I wouldn’t want this kind of malware anywhere near a phone or computer of mine.